… Therapists and counselors often let patients know about confidentiality and the exceptions to confidentiality in a disclosure statement, given to the patient prior to the commencement of treatment. Such a statement may be required by law or by regulation. When the identified patient is the couple, it is important to be clear with the couple as to a variety of confidentiality issues and questions that may arise, such as who owns the records, when will information be released to third parties, how will the therapist or counselor react to a subpoena for records, and under what conditions will the therapist or counselor provide a copy of the records to one of the participants in couple therapy.

To the extent that state law may differ with the following information, therapists and counselors should abide by state law. As to the question of who owns the records, typically the records are the property of the therapist or counselor. They are, in essence, the business records of the owner of the business – in this case, a therapy or counseling practice. Patients of course have a substantial interest in the records, and under state law, likely have certain rights of access (e.g., inspection and copying) and perhaps the right to amend or addend. But the records belong to the practitioner. As to releasing the records to third parties, I have usually recommended that this be done only upon a written authorization, signed by both parties.

Participants in couple therapy should be told that one of them alone does not control what happens with the records – they each have the right to confidentiality, and one of them alone cannot waive the other’s rights. In other words, both must agree in order for the therapist or counselor to act. For instance, a request for a copy of the records would have to come from both parties, or from one with the authorization or approval of the other. After all, the identified patient is the couple. With regard to a subpoena, the therapist or counselor will usually take the position that both must waive the privilege before the records are released, or if both claim the privilege, then the practitioner would typically continue to assert the privilege until the court orders otherwise. Again, if state law differs with any of the above, practitioners should abide by state law.

… When therapists and counselors view the couple as the client, a question arises about the confidentiality obligations of the practitioner as between the two participants. For example, suppose that the therapist or counselor sees the couple for several sessions conjointly and then decides to see them individually for a few sessions before bringing them back together. Are the communications between the therapist or counselor and the individual to be kept confidential as it relates to the other participant in the couple therapy? Or, may the therapist or counselor share such information with the other participant as he or she deems necessary and appropriate for the effective treatment of the couple – the identified patient? Prospective participants in couple therapy should be informed about the practitioners approach to this important aspect of confidentiality.

In my view, a couple should be informed (unless state law or other authority differs with the following) that the practitioner views the identified patient as the couple and that during the course of working with the couple it may be necessary to see each of them in one or more “one on one” sessions. Such sessions are to be viewed by the couple as a part of the couple therapy unless otherwise indicated by the therapist. While the “one on one” sessions are confidential in the sense that the therapist will not release the information to a third party, the therapist may need to share information learned in an individual session with the other participant in couple therapy. If the therapist is not free to exercise his or her clinical judgment regarding the need to share this information with the identified patient – the couple – the therapist might be prevented from effectively serving the needs of the couple.

The therapist can inform the couple that he or she will use his/her best judgment as to whether, when, and to what extent he or she will make disclosures to the other person. The therapist can also let the couple know that, if appropriate, he or she will give the individual the opportunity to make the disclosure. It is important to point out that disclosures by the practitioner will be made, if they are made at all, for treatment (of the couple) purposes. In essence, the disclosures, if made, should be seen as a necessary part of the couple therapy. If one of the participants wants complete confidentiality as to his or her communications, that participant can of course see another therapist or counselor for individual treatment. The therapist can let the couple know that should one of them need individual treatment, a referral can be made.

If this kind of understanding is not made abundantly clear at the outset, the individuals participating in one on one sessions may share “secrets” and thereby create a conflict for the therapist or counselor, possibly requiring an early termination. This would not be in the best interests of the identified patient – the couple. Failure to clearly articulate such a policy will often allow one of the participants to sabotage the couple work. Such a policy should be in writing and should be signed by the patient (the couple) prior to the commencement of treatment and after it is discussed and understood by the couple. Remember, to the extent that state law or regulation may differ with the above, or to the extent that a therapist or counselor’s views or methods of practice may differ with the above, adjustments to the policy can be made.

… Suppose a therapist is treating a fifteen-year old girl who tells the therapist that she is pregnant and is thinking about obtaining an abortion. Is the therapist required to keep this information confidential? Must a report of child abuse be made? What is the liability of the therapist if the parents are not informed of this information by the therapist and the abortion takes place, perhaps causing the girl to become seriously depressed? The answers will necessarily depend upon the applicable laws in the particular state involved – and may vary from state to state. It is critical, however, that practitioners know or obtain the answers to these and other questions.

In one state, for example, the answers are reasonably clear. That state’s law makes clear that the pregnancy of a minor, in and of itself, does not constitute a basis for a reasonable suspicion of child abuse. Of course, if the girl were to reveal that she was pregnant as the result of being forcibly raped by her teacher, a child abuse report would be required. The pregnancy could be the result, for example, of consensual sexual intercourse between the girl and her seventeen-year old boyfriend (not reportable as child abuse in this particular state). The therapist in this particular state would be required to keep this information confidential and would be able to successfully resist an effort by the parents to find out information by inspecting, or obtaining a copy of, the child’s treatment records. The therapist might encourage the minor to reveal this information to the parents herself, but would generally respect the girl’s desire to keep this information from her parents.

… Suppose that a patient has signed an authorization form allowing you to release confidential information to a third party, but after leaving your office calls you to request that the information not be disclosed. Or, suppose the mother of a 10 year-old patient authorizes you to release information to the child’s private school, but before you send the records the father calls you and requests that you not send the records until he has had a chance to review them. How should you handle such situations? The answers to these questions depend upon a variety of factors, not the least of which is state law, but there are some general principles that can provide guidance in many such cases.

In the first scenario, the issue involved is revocation of a previously signed authorization form. In other words, should the therapist obey the verbal wishes of the patient and not send the records? If the patient shortly after the oral revocation again indicates that he or she wants the records sent, the therapist’s delay in sending the records might, in a given case, cause some problems for the patient. If the therapist were to ignore the patient’s verbal revocation request and send the records too quickly, the patient may be very angry and may claim a breach of confidentiality. In order to avoid being in “no person’s land,” it is important for the therapist to be on top of the situation, to move quickly, and to be real clear with the patient.

While the following basic principles will help in most cases, this situation can on occasion mushroom into a major problem for the therapist or counselor affected. First, patient authorizations to release confidential information to a third party must generally be written and signed. The general rule in most states is that just as a verbal authorization to release confidential information is not valid, a verbal revocation of a previously signed authorization is likewise not valid. Typically, the revocation must be in writing. It is important for the therapist or counselor to get that revocation in writing promptly so that the practitioner does not wind up confused about the course of action to be taken. A fax from the patient, followed by receipt of the original written revocation, should usually suffice.

In the second scenario, it is important to understand that the therapist or counselor may (depending upon state law) be able to act upon the signature of either parent in many situations. It is also important to understand that while either parent may often be able to authorize the release of confidential information pertaining to their minor child, the law may merely allow, but not require, the release of such information. Therefore, some practitioners routinely tell the parents of a child that they will only act upon the signature of both parents, and if there is disagreement, the practitioner will await their resolution of the dispute. This approach may work in many instances, but it also may be problematic.

Suppose that the information is important to a decision that must be made with respect to the child and that time is of the essence. Suppose further that the parent who has physical custody of the child wants the information to be released and the other parent, who has joint legal custody but no physical custody, wants the practitioner to not release the information until the records are inspected by that parent. In cases like this, it is sometimes helpful to look at the situation in a bifurcated way. That is, the practitioner may decide to let the parent with no physical custody know that there are separate rules with respect to inspection of records and that he or she is free to inspect the records pursuant to the process provided for by the laws of that particular state. With respect to the issue of authorizations, however, that parent can be informed that since either parent may sign the written authorization, the therapist is going to obey the wishes of the custodial parent – that is, the parent with whom the child resides.

… How do your state laws interact with HIPAA regulations, primarily the “Privacy Rule?” What efforts are being made in your state to subject all practitioners to HIPAA requirements? What misconceptions do you or others have about HIPAA requirements and its applicability to your practice? It is important, from time to time, to think about these questions and to get answers so that you can stay abreast of changes that may affect your policies and practices concerning confidentiality and patient access to records.

Whether or not you are a “covered entity” (may be an individual private practitioner or a larger health care business - like a hospital - that engages in specified insurance related transactions electronically), it is important to understand the basics about HIPAA and the federal regulations referred to as the “Privacy Rule,” and how they interact with state law. If you are a covered provider, you must know about state law requirements and how they interact with HIPAA because, among other things, you will likely have to resolve conflicts between state law and the provisions of the “Privacy Rule.”

For example, if your state law allows a patient to access his or her records within a specified time frame, and if HIPAA regulations allow access within a longer period of time, the federal regulation is superseded by the state law provision. On the other hand, if your state law allows you to provide a patient with a summary of his/her records in lieu of the complete records, HIPAA regulations may take precedence over the state law. In most states, a variety of organizations have analyzed the “Privacy Rule” and state law, and have identified which law a “covered entity” must follow in particular circumstances.

For those who are not covered providers, state law governs. However, many states are in the process of reconciling their state law with the federal regulations, so it is important to keep current on such issues as a patient’s right to inspect or to get a copy of his/her records, a patient’s right to amend or addend his/her records, and a therapist’s right or duty to break confidentiality under specified circumstances. The California Legislature has this year passed a law that allows a therapist to break confidentiality in dangerous patient situations - and has essentially taken the language from the “Privacy Rule.” Therapists in California who are not covered providers under HIPAA will soon (1/1/08, if signed by the Governor) be bound by a state law provision taken directly from the “Privacy Rule.”  So, stay alert and up to date!

As to common misconceptions, there are several. One common misconception at the beginning of HIPAA’s implementation in 2003 was that all licensed psychotherapists or health care practitioners were covered and bound by HIPAA. This, of course, is not true. Another misconception was the failure to realize that under HIPAA regulations, health care providers were free to break confidentiality, without the patient’s written authorization, in order to communicate with other health care providers about the diagnosis and treatment of the patient and in order to get payment from insurance companies. This freedom to share information without the patient’s written authorization is disclosed to the patient in the required Notice of Privacy Practices.

A third and somewhat broader misconception involves the manner in which “psychotherapy notes,” as that term is used in the “Privacy Rule,” is treated under HIPAA, and the manner in which it is to be handled by practitioners. The key fact that is misunderstood is that the definition of the term does not include the treatment records pertaining to counseling session start and stop times, the modalities and frequencies of treatment furnished, the results of clinical tests, symptoms, or summaries of diagnosis, functional status, treatment plan, prognosis and progress to date.

“Psychotherapy notes,” under HIPAA, a) must be kept separate from the rest of the patient’s mental health records, b) the therapist may properly deny the patient access to the psychotherapy notes when the patient makes a written demand for a copy of his or her records, c) insurance companies are not ordinarily entitled to psychotherapy notes without the patient’s written authorization (despite the general rule that covered providers are permitted under HIPAA to share confidential information with insurers for the purposes of obtaining payment), and d) in litigation, psychotherapy notes are discoverable (pursuant to a subpoena) when mental health records are determined to be relevant and the psychotherapist-patient privilege has been waived or is otherwise not applicable.

It has been my view that in most of these matters, the therapist or counselor has done nothing wrong. The disclosures that are made to the group are typically made for the purposes of the treatment of the individuals in the group and for the group as a whole. The disclosures were not made to “third parties” – that is, to those who were not participants in the group counseling/therapy. Typically, no express promise of confidentiality is made. Even though the client may have expected confidentiality, this may not be reasonable under the circumstances. In most of these matters, the practitioner winds up not being disciplined by the licensing board. In a few cases, however, closure of the case does not come easily. As usual, the facts and circumstances vary from case to case, and thus the degree of vulnerability of the practitioner varies as well. 

… While I have written about this topic before in a variety of contexts, it is worth repeating and consolidating. Therapists and counselors are, of course, concerned about avoiding liability. This is usually accomplished by acting in a competent manner and avoiding negligence – that is, avoiding actions or omissions that are below the standard of care of the ordinarily prudent practitioner of the same licensure under the same or similar circumstances. Ordinarily, a therapist or counselor is not “immune from liability,” as that term of art is generally understood, when he or she acts competently and appropriately. A patient or client may nevertheless decide to file a claim or suit against a practitioner in any case and the practitioner will need to defend against the allegations. This will typically involve the malpractice insurance carrier and may result in a settlement for nuisance value, a defense verdict, or a dismissal of the charges.

Under certain circumstances, however, the practitioner may be entitled to immunity from liability. This immunity is typically granted under state statute. It essentially means that if a lawsuit is filed, the practitioner will be entitled to have the case dismissed at an early stage of the proceedings, often upon a motion for summary judgment or a similarly titled motion made early in the legal proceedings. Perhaps the prime example of immunity statutes is found in the child abuse reporting laws of the various states. While I cannot speak for each state, the typical law essentially provides that a mandated reporter shall not have any liability (civil or criminal) for making a child abuse report that is mandated or authorized under the state statute. In California, the immunity from liability is absolute – it applies even where the mandated reporter was negligent in making the report, such as where the practitioner negligently (and suggestively) used an anatomically correct doll that resulted in a report being made.

California recently added a provision to its child abuse reporting law that extends the immunity to situations when reports are made by the mandated reporter where the knowledge or reasonable suspicion of child abuse or neglect is obtained outside of the reporter’s professional capacity or outside the scope of his or her employment. In these situations (in California), a child abuse report is not mandated - but rather, a report is permitted. The California immunity statute also provides, among other things, that no person required to make a child abuse report shall incur any civil or criminal liability for taking photographs of a suspected victim of child abuse or neglect without parental consent, or for disseminating the photographs with the required reports.

Finally, the statute also allows the mandated reporter to recover attorney’s fees (up to $50,000) and costs from the State when those fees and costs are incurred as a result of defending an action that is brought against the mandated reporter for making the required or authorized report – provided that the case is either dismissed by the court pursuant to the immunity statute or the mandated reporter prevails in the action, should it for some reason not be dismissed at an early stage of the proceedings.

As with child abuse reporting laws, elder abuse reporting laws and dependent adult abuse reporting laws (or similarly titled laws) typically contain immunity from liability provisions for mandated reporters who make required or authorized reports of known or suspected elder or dependent adult abuse. These laws may also provide immunity for taking photographs of suspected victims of abuse and for dissemination of the photographs with the required reports.

Another possible immunity from liability may be found in the statutes dealing with the patient who is an imminent danger of physical violence to another. As has been stated in other articles I have written for the CPH’s Avoiding Liability Bulletin, the laws (including case law) differ from state to state with respect to the duty of a therapist or counselor when a patient threatens physical violence against another. Some states have enacted statutes that are intended to provide practitioners with a zone of protection (“safe harbor”) in this nettlesome area of practice. Thus, in California, a law was enacted that provides immunity from liability for psychotherapists who make reasonable efforts to communicate a patient’s serious threat of physical violence against a reasonably identifiable victim when the communications are both to the victim and to a law enforcement agency.

While the general duty in California is based upon the famed California Supreme Court’s Tarasoff v. University of California decision of 1976, that duty does not require both of the actions specified above. The general duty is to take reasonable steps to protect the identified victim. That duty may include warning the victim, calling the police, hospitalizing the patient, or taking other appropriate action. Depending upon circumstances, one or more of these actions may be appropriate. While such action may not result in liability for the therapist because he or she may ultimately be found to have acted reasonably under the circumstances, the therapist in such case is not entitled to immunity from liability. To be within the zone of protection offered by the immunity statute, both actions specified in the statute must be taken. Massachusetts has an immunity statute that allows the psychotherapist to take any one of several actions specified in the law to attain immunity. Is there an immunity statute in your state regarding the dangerous patient issue? What must be done to attain immunity?

There may also be immunity statutes in some states that protect members of ethics committees or peer review committees of mental health professional associations. Generally, the immunity from liability will apply to acts or proceedings undertaken or performed within the scope of the functions of these committees, which are formed to maintain the professional standards of the particular mental health profession and which are authorized in the association’s bylaws. Immunity may only be granted if the member acts without malice and in a good faith or reasonable belief that the action taken by him or her is warranted by the facts. The exact conditions or limitations of the grant of immunity to peer review bodies or ethics committees will likely vary in fine nuance from state to state, as will its applicability (or non-applicability) to specific professions.

There may be a related statute that protects members of a peer review or ethics committee (and perhaps others who are present – such as a witness) from having to testify in a legal proceeding as to what transpired at a meeting attended by such member of a committee (or other person in attendance). Similarly, the records of the peer review or ethics committee may be protected by statute from discovery in many kinds of legal proceedings. Technically, these latter two protections related to ethics or peer review committees are privileges that are granted by statute rather than immunities from liability. Do these privileges exist in your state and for your profession?

People who provide information to professional societies (such as a professional association of mental health practitioners) may be entitled to statutory immunity from liability if the communication is intended to aid in the evaluation of the qualifications, fitness, character, or insurability of specified mental health practitioners. Likewise, immunity may exist for communications made by a person to a hospital, hospital medical staff, professional licensing board or professional school offering a qualifying degree program – if intended to aid as indicated above. As with other immunities, the exact conditions or limitations of the grant of immunity varies in fine nuance from state to state, as does its applicability.

Finally, a statutory immunity from liability may exist for certain professional association referral services, where members of the public are referred to members of the referral service. The immunity may apply to the association itself and to its agents, employees, or members. The immunity granted to the referral service (and others) may apply to acts of negligence or conduct constituting unprofessional conduct committed by a professional to whom a member of the public was referred. There likely will be limitations or conditions to such a grant of immunity, as well as exceptions to the grant of immunity itself. For example, the immunity may not exist if there has been a failure by the referral service (or its agents or employees) to disclose the nature of a known disciplinary action taken by a licensing board against the professional person to whom the member of the public was referred. My usual caution of variations on a state-by-state basis applies to this possible immunity!

Printable Versions: [ Download WORD.doc ] [ Download Acrobat.pdf ]

… Confidentiality is the primary cornerstone of psychotherapy. Without the promise of confidentiality, patients and clients would be reluctant to “open up” with their therapists and counselors, and as a consequence, successful treatment would likely be hindered. Therapists and counselors learn about confidentiality early in their careers and understand its importance. Hopefully, they also understand that a negligent or intentional breach of confidentiality can result in significant negative consequences for them.

Typically and traditionally, the patient or client has had two remedies. One remedy is to sue for monetary damages in a civil lawsuit. Depending upon the nature and extent of the breach, and the consequent damages or harm to the client, the civil lawsuit might have significant value. Hopefully, the practitioner will be covered by professional liability (malpractice) insurance! (Intentional acts are typically excluded from coverage). The other remedy available to the client is the filing of a complaint with the licensing board. A complaint could result in a fine, a suspension or revocation of one’s license, multiple years of probation upon various and onerous terms and conditions, or a combination thereof. Additionally, licensing board actions are usually publicized, in one way or another (e.g., on the Internet).

It is now possible, at least in one state, for an inadvertent breach of confidentiality to result in monetary liability (administrative fines) by three separate governmental entities – one federal agency and two state agencies! Imagine a practitioner who inadvertently sends records to a third party, but later realizes that the authorization form that the patient signed was only valid through a certain date, which had recently passed. The possible implications of such a situation, or other more serious situations involving a breach of confidentiality, are rather extensive in this state and perhaps others.

In the state referenced above, the licensing board for marriage and family therapists and clinical social workers has the authority, as an alternative to the usual disciplinary actions they can initiate, to issue an administrative citation for violations of the law that are inadvertent or minor in nature. Such a procedure allows the practitioner to pay the fine assessed by the Board (up to $5000) or to contest it, both informally and formally.

If the practitioner is a “covered entity” under HIPAA, then he or she is also subject to a complaint to, and fine by, the federal Office of Civil Rights, which is part of the U.S. Department of Health and Human Services. While the range of possible fines per violation is rather wide, depending upon the circumstances, inadvertent or negligent violations of confidentiality, especially for first time offenders, have been rather light under the HIPAA enforcement provisions. Recently, however, Congress passed the so-called “stimulus package” in order to stimulate the economy – more formally known as the American Recovery and Reinvestment Act. A part of that Act is the HITECH Act – which stands for Health Information Technology for Economic and Clinical Health. In the latter Act, the amount of the civil fines that may be assessed against a “covered provider” has been substantially increased. Providers can either pay the administrative fine or contest the matter.

As if that were not enough, the state referenced above has created yet another agency that can fine licensed health care professionals for violations of a patient’s confidentiality. This new agency, the Office of Health Information Integrity, is a creature of recent legislation. Its general purpose is to ensure the enforcement of state law mandating the confidentiality of “medical information” (includes mental health records maintained by a variety of psychotherapists) and to impose administrative fines for the unauthorized use of medical information. The reason why this law was passed (in my view, in haste and without enough thought) is directly a result and reaction to some gross breaches of confidentiality that occurred regarding one or more well-known entertainers. Legislators quickly reacted by passing this law – which is somewhat duplicative of the HIPAA enforcement provisions and various licensing law and related provisions allowing for administrative fines and more severe disciplinary action.

The penalty provisions for violating confidentiality have been expanded by this recently passed state law. On the upper end of the penalties for a breach of confidentiality, a $250,000 administrative fine or civil penalty is possible, for example, if a licensed health care professional knowingly and willfully obtains, discloses, or uses medical information in violation of the state’s basic confidentiality law for the purpose of financial gain. This stiff fine or civil penalty (the maximum) is applicable in the case of a third violation. A first time violation could garner an administrative fine or civil penalty up to $5,000, while a second violation could result in a fine or civil penalty of up to $25,000. Lesser penalties are provided for in cases where a disclosure is made by a licensed health care professional as the result of negligence (as opposed to knowing and willful behavior) and not for financial gain.

This new law requires every provider of health care to establish and implement appropriate administrative, technical, and physical safeguards to protect the privacy of a patient’s medical information. It requires providers of health care to reasonably safeguard confidential medical information from any unauthorized access or unlawful access, use, or disclosure. While the requirements mentioned above have not previously been expressly stated in the law (other than in HIPAA regulations), the duty of confidentiality obviously, and as a practical matter, requires these basic steps to be taken by any practitioner who is duty bound to preserve patient confidentiality. A bill has recently been introduced in the state’s Legislature that would give the newly created Office of Health Information Integrity the right to audit the procedures and records of a provider of health care at any time in order to determine the provider’s compliance with these requirements. I expect that this bill will be the subject of great concern for associations representing various providers of health care. 

BREACH OF CONFIDENTIALITY? – No Revelation to Third Party

… What duty of confidentiality does a therapist or counselor have with respect to the use of the information gained during a counseling session? For instance, suppose that a therapist learns something from a patient involving financial or business information related to a publicly traded company. It may be unlawful insider information or not. Or, suppose that a counselor learns that a client is selling a valuable parcel of real property. Should the therapist or counselor take action on this kind of information in an attempt to benefit, either directly or indirectly, from the information shared in the confidential counseling or therapy session? The short and safe answer to the question is “no.”

An interesting question presented is whether or not the therapist or counselor would technically be violating confidentiality if he or she acted upon the information gained during the course of treatment. Generally, a breach of confidentiality takes place when the therapist or counselor releases confidential information to a third party without the written authorization of the patient (assuming the practitioner is not otherwise required or permitted by law to make the disclosure). In the situations described above, the practitioner is not necessarily releasing any information to a third party. In the first scenario, the therapist might just act upon the information by investing in the company, and in the second scenario, the counselor’s wife might engage a realtor in order to buy the property.

Depending upon state law, and how the relevant statutes are worded, it may be arguable that neither situation involved a breach of confidentiality. It is true that the therapist or counselor learned of the information during a confidential session, but the information itself may not be confidential. If a patient tells her therapist about how wonderful a resort was, or how excellent a new restaurant was, is not the practitioner permitted to try either? In the two scenarios, the information learned had nothing to do with the mental or emotional condition of the patient or with any other aspect of the professional relationship. I mentioned in a previous article the case where a therapist learned from a patient that a large employer was presently hiring, and gave that information, which was public information (the hiring was advertised), to another patient. This sharing of information with another patient caused some problems for the therapist, but it was my view that technically, a breach of confidentiality did not occur.

With respect to the scenario concerning acting upon the financial or business information revealed during therapy, if it were unlawful insider information, the therapist would likely be in trouble. Perhaps the patient felt, because of confidentiality, that it was safe to talk about inside information with the therapist. The fact that the therapist used that confidential information to further his or her own financial interests and thereby compromised the patient’s position by exposing the patient to federal prosecution, and arguably exploited the patient for the therapist’s own financial gain, seems to be the essence of the wrongdoing. While a licensing board could argue breach of confidentiality, it may not be the best or most appropriate charge. With respect to the scenario involving the hiring of a realtor to buy the property, the issue of an unethical dual relationship seems much more the focus of inquiry than breach of confidentiality.

MINORS AND PRIVILEGE

… Each state treats this subject somewhat differently, and in some cases, it is not easy to determine who the holder of the psychotherapist-patient privilege is when the patient is a minor. I have previously written about this subject and indicated that in many instances, the child is the holder of the privilege where the child is the identified patient. This may be so, at least in some states, even where the child is of tender years. For example, case law in California has held that a child who was seven years of age was the holder of the privilege and the child’s therapist was the one who could and should assert or claim the privilege on behalf of the child.

In juvenile dependency cases, where a child may be removed from the home as a result of suspected child abuse, the determination of who the holder of the privilege is may be quite difficult. For example, in one state the law provides that either the child or the counsel for the child may invoke the psychotherapist privilege. If the child invokes the privilege, counsel may not waive it, but if counsel invokes the privilege, the child may waive it. The above provisions apply, with the informed consent of the child, if the child is found by the court to be of sufficient age and maturity to so consent. The capacity of the child to give informed consent is presumed, subject to rebuttal by clear and convincing evidence, if the child is over 12 years of age.

Counsel is the holder of the privilege if the child is found by the court not to be of sufficient age and maturity to so consent. The law makes clear that counsel for the child shall have access to all records with regard to the child maintained by, among others, a health facility or health care provider. What is the law in your state regarding this complex determination re: holder of the privilege? It is important to remember, when dealing with privilege, that the therapist or counselor’s duty is to protect the patient’s privacy and to protect the privilege until such time as the holder of the privilege has been identified and a waiver of the privilege is clearly established.

SOMETHING LIGHTER

… Last month I wrote about the Red Flags Rule. As a follow up to that topic, I recently read a post from a disgruntled dentist who was frustrated by the government’s “reckless, heavy-handed, one-size fits-all laws….” He asserts that since he doesn’t put patients’ identifiers on his computer, his Red Flags policy is simple and in compliance: “Staff, if you notice anything unusual in relation to our patients’ accounts, or if you are handed an unusual looking drivers license, notify me immediately. The Management”

HEALTH CARE FRAUD

… According to the National Health Care Anti-Fraud Association, which is an organization founded in 1985 by several private health insurers and federal and state government officials to combat health care fraud, the most common fraudulent acts include, but are not limited to:

1) Billing for services, procedures and/or supplies that were never provided or performed;

2) Intentionally misrepresenting any of the following, for purposes of obtaining a payment – or a greater payment – to which one is not entitled:

• the  nature of services, procedures and/or supplies provided or performed;
• the dates on which services and/or treatments were rendered;
• the medical record of service and/or treatment provided;
• the condition treated or the diagnosis made;
• the charges for services, procedures and/or supplies provided or performed;
• the identity of the provider or the recipient of services, procedures and/or supplies; and

3) The deliberate performance of medically unnecessary services for the purpose of financial gain.

Read these examples of health care fraud and think carefully before, for example, complying with a patient request that might involve any of these practices.

… While practitioners must be mindful of the duty of confidentiality and must instinctively lean toward resisting (at least initially) disclosures without the patient’s signed authorization, it is also useful for practitioners to know well the exceptions to confidentiality – those that are required and those that are permissible. When some form of disclosure is mandated, the decision of the therapist or counselor (assuming awareness) is easy. When the disclosure is permissive, it does not necessarily follow that the practitioner should or will disclose without a written authorization. One hopefully interesting example follows.

The primary and most significant exceptions to confidentiality are found in the laws dealing with the mandates for counselors and therapists to report known or reasonable suspicion (or a similar standard) of child abuse, elder abuse, and dependent adult abuse. Connected with these duties is the issue of whether or not a therapist or counselor, after making such a report, is required or permitted to cooperate with the investigator of the abuse who desires further information, perhaps appearing at the office of the practitioner who made the report – either announced or announced. For example, in one state the law provides that information relevant to the incident of child abuse or neglect may be given to an investigator from an agency that is investigating the known or suspected case of child abuse or neglect.

What is the law in your state with respect to giving information to the investigator after you have filed the mandatory report(s)? I have counseled therapists in California around this issue for many years – and each situation is different. For example, if the therapist were treating the alleged perpetrator of physical or sexual abuse that was revealed and reported during the course of therapy, I would more often than not advise the therapist not to cooperate with the investigator. Of course, if the therapist discusses the matter with the patient and/or with the patient’s attorney, the patient may sign an authorization form allowing the therapist to communicate with the investigator. While the law allows the communication without the patient’s written authorization, it does not mandate it. My view has been that the reporting laws are intrusion enough into confidentiality (although well-accepted at this time), and that there is no need or duty to help with an investigation.

If the practitioner is treating the victim of the abuse, such as a child, the therapist or counselor may be more inclined to cooperate with the investigator. Again, even though the therapist would be able to cooperate with the investigator pursuant to the aforementioned law, that isn’t necessarily the wisest decision. In some cases, the written authorization of both parents would be desired and easy to get, while in others, the written authorization of only one of the parents may be necessary. In some states, depending upon the age of the child and the circumstances involved (such as, being the victim of child abuse), only the child’s authorization is needed – so why not get it? There will be times when a practitioner may choose to provide additional information to the investigator without the patient’s authorization – but the practitioner must first be certain that state law allows this to be done Something that may need to be avoided, in my view, is the effort by an investigator to have ongoing contact with the therapist - expecting to periodically obtain information. Such situations can be awkward or problematic, whether with or without an authorization.

… I thought it might be useful to pass along some information related to a question that was recently asked of me. I was asked what the obligations were of a therapist or counselor if he or she agreed to see a deaf patient who was seeking professional services. More specifically, I was asked whether the therapist or counselor would be obligated to provide and pay for an interpreter? To my surprise, the answer seems to be “yes.” While there may be circumstances that would allow for a different answer, such as where an undue burden would be created by imposing these requirements upon a practitioner, see the article referenced below for a thorough and thoughtful discussion of this topic.

Rather than express my own opinion about this interesting question, I will simply refer you to the February 14, 2008 article entitled A Matter of Law: Providing an Interpreter for the Deaf under ADA (a Practice Update written by the Legal and Regulatory Affairs Staff of the American Psychological Association Practice Organization). Be sure to read the section at the end of the article that starts with “PLEASE NOTE.” It is useful to read this article, especially in light of the fact that the reader’s mental health professional association likely has one or more provisions in its ethical standards that either prohibits the denial of services to people on the basis of physical disability, or requires that the practitioner makes reasonable efforts to accommodate patients or clients who have physical disabilities, or both.

You can access this interesting article here.

… The laws dealing with school counseling and confidentiality in California are now being examined by the Office of the Attorney General, which is expected to write an Opinion this year regarding an interesting question that has been asked by Senator Mark Wyland. The question was as follows: Is a school counselor required to disclose a student’s pregnancy to the student’s parents if the counselor believes that disclosure is necessary to prevent harm to the student? Also asked was whether a school district and counselor can be held liable for failure to make disclosure to parents of such pregnancy-related or abortion-related information when the student suffers harm that could have been averted by the parents.

While Opinions of the Attorney General do not constitute controlling legal authority regarding the interpretation of the law, they are entitled to great weight and respect by the courts. I fully expect that after the opinion is issued, there will be a need to amend the statute that will be interpreted in the opinion. The statute involved is found in the Education Code. It differs from the laws of confidentiality generally applicable to licensed mental health professionals who are treating children (outside of the school setting) with or without parental consent. It is a poorly drafted statute and it is not particularly protective of confidentiality. For example, it would allow a school counselor to report information to a principal or parent when the pupil indicates to the school counselor that a crime involving substantial property losses has occurred in the past. There are other problems with the statute, including the provision relevant to the opinion to be issued, which talks of a “clear and present danger to the health, safety, or welfare of the pupil.” Such language can be broadly interpreted to allow many disclosures.  It is my educated guess that although the statute is worded poorly and can be interpreted as a mandate to disclose, the Attorney General will opine that the school counselor is not required to make a disclosure to the parents. The Attorney General’s Office will likely analyze how such a matter would be handled in a private practice situation, where the minor is being treated with and without parental consent. The California statute to be interpreted is found in Section 49602(c) of the Education Code.

…. A reader indicated that on a list serve she visited there was “considerable disagreement over the expectations of confidentiality for a client in possession of child pornography.” She asked that I consider writing about this topic. I am not surprised that there was considerable disagreement. Many interesting issues and questions can arise for the practitioner in this area, and clear, helpful answers depend upon the factual and clinical particulars involved, and most importantly, the precise question(s) asked. Since I did not participate, I do not know what questions were asked and what principles or assertions were being put forward. As an aside, my experience with list serves, and the informal opinions or views expressed by the participating therapists, is that there is a reasonable chance for miscommunication to occur and/or misinformation to be shared. Nuances are sometimes overlooked, questions are not precisely asked, and the chance for disagreement, sometimes confusion, is heightened. At least, that is my perception!

The reader asks about “the expectations of confidentiality for a client in possession of child pornography.” I am assuming, for purposes of the discussion that follows, that a patient or client, or someone else, tells the treating therapist or counselor that the patient/client possesses, or has possessed, some form of child pornography. Perhaps the same issues and questions are raised by asking whether a therapist or counselor has a duty to file a child abuse report when made aware, either directly or indirectly, that the patient possesses or has possessed, child pornography. Possession, manufacture, or distribution of child pornography is typically a crime at the state level and may constitute a federal crime as well. The discussion that follows represents my views on the subject and they are not intended as advice in a particular case.

Ordinarily (there are exceptions in state law), therapists and counselors are not required to report the already committed crimes of their patients. During the course of therapy or counseling, patients may reveal past conduct that technically constitutes a crime, whether a misdemeanor or a felony. For example, if a patient tells his or her therapist that in the past he has committed multiple petty thefts, this is generally viewed as confidential information. But every state (I trust) has enacted laws requiring mental health practitioners and others to report child abuse and elder or dependent adult abuse (or similarly titled kinds of abuse). Most practitioners (again, I trust!) inform their patients or clients, in writing and at the outset of treatment, of specified information about their practices, including but not limited to, information that is required to be provided as per state law, the fees for professional services and for missed sessions, office policies, insurance or other third party payment matters, and information related to privacy and confidentiality concerns.

With respect to confidentiality, written disclosures would typically be made regarding the exceptions to confidentiality, such as the duty to report child abuse, elder abuse, and dependent adult abuse, and the right or duty to take action in cases where the patient poses a serious danger of violence to others or to self. If the practitioner discusses some or all of the written information provided to the client or patient, he or she should clearly want to discuss confidentiality, since confidentiality is generally seen as the “cornerstone” of counseling and psychotherapy. It would not be typical, however, for the practitioner to, at the start of treatment, get into much detail about the technicalities concerning what constitutes child abuse, including what constitutes sexual exploitation or sexual abuse of a child, or related terms, including child pornography. This kind of information would more likely be discussed with a patient when a particular situation arises during the course of treatment, or when the patient asks questions about what constitutes child abuse or the limits of the child abuse reporting law.

Suppose that the patient shares information about his or her possession of child pornography. Once child pornography is “on the table” in the session, no matter how it got there, questions of confidentiality are in the forefront. May the practitioner assure the patient of continued confidentiality as they discuss the clinical and treatment issues that may be involved? Is the therapist mandated by law to break confidentiality by, for example, filing a child abuse report? Must the patient have be informed that his or her expectations of confidentiality depend upon the content of the therapy and the determinations made by the practitioner as treatment proceeds? These are weighty questions, and the answers are necessarily dependent upon state law, both with respect to confidentiality laws and child abuse reporting laws. This discussion is based upon California law. The laws in other states would have to be carefully studied in order to determine how a particular state might address these or related issues and questions. Of course, the particular facts and circumstances of each case will necessarily affect the answers to these questions. 

Possession of child pornography is a crime, as is producing, preparing, publishing, or printing child pornography with intent to distribute to others. There has been a marked increase in child pornography crimes as a result, in significant part, of the emergence of the Internet. California law criminalizing the simple possession of child pornography is contained within a rather complex series of statutes in the Penal Code dealing with obscenity. Essentially, material that depicts minors engaged in or simulating “sexual conduct” constitutes child pornography. The term “sexual conduct” is defined broadly, and includes, among other things, intercourse, oral sex, lewd and lascivious acts, and masturbation. If such acts are done with a minor, and such acts are depicted in a film, photograph, or otherwise, it likely constitutes child pornography. The prosecution must prove that the crime was knowingly committed and that the defendant knew or reasonably should have known that the person involved or depicted was a minor (under 18 years of age).

If a patient told his therapist that he possessed a photograph or video tape clearly depicting child pornography, the therapist has knowledge or reasonable suspicion that the patient has committed a crime. As mentioned earlier, the past crimes of the patient are ordinarily confidential and not reportable. That is the general rule extant in California and, I hope, in most if not all states. However, if the crime committed by the patient constitutes child abuse, for example, then the therapist would be mandated to make a report and thereby break confidentiality. If not mandated to make a child abuse report, then knowledge by the therapist that the patient possessed child pornography would be confidential, just as it is confidential when a therapist in California learns that a patient possessed illegal drugs, embezzled money from his or her employer, or committed another misdemeanor or felony. Thus, if not mandated to report child abuse, the patient can be assured that the communications with his or her therapist (at least thus far) are confidential. It must be said, and a caution issued, that there are many different scenarios that could and do occur in actual practice where the possession of child pornography by a patient, when taken together with the other facts and circumstances existing in the case, may lead the competent and prudent practitioner to reasonably suspect that child abuse has occurred, thus triggering a mandatory report.

In order to determine whether knowledge of the commission of the crime of possession of child pornography (or reasonable suspicion thereof) would trigger a mandatory report in California, we must look to the child abuse reporting law, which is found in Sections 11164 through 11174.3 of the California Penal Code. “Sexual exploitation” of a child constitutes reportable (mandated) child abuse under this law. Sexual exploitation is a form of sexual abuse, and it includes conduct involving matter depicting a minor engaged in obscene acts in violation of specified sections of the obscenity laws that address preparing, selling, or distributing obscene matter, employment of a minor to perform obscene acts, and other active participation in the exploitation of a child. No such conduct is involved in a case involving simple possession of child pornography (a felony). It is important to note that the section of law dealing with simple possession of child pornography is not mentioned in the child abuse reporting law as one of the sections that, if violated, would trigger a mandatory child abuse report. In contrast, and as stated above, the child abuse reporting law specifies those sections of law dealing with obscenity and child pornography that would constitute reportable sexual abuse of a child (sexual exploitation).

In summary, the child abuse reporting law in California makes no reference to the section of law that makes it a felony to possess a photograph, film, slide, video tape, photocopy, CD-Rom, computer floppy disc (and other media) depicting a person under the age of eighteen personally engaging in or simulating specified sexual conduct. It therefore appears to this writer that the crime of possession of child pornography, assuming no other involvement (e.g., production, sale, distribution, aid in the recruitment of subjects etc.), is not a crime that would require breaking confidentiality under the child abuse reporting law, or otherwise. Remember, our scenario here assumes that the patient’s possession of the pornographic material does not, based upon the totality of circumstances, cause the practitioner to reasonably suspect that the patient has abused or is abusing a child.

What if the therapist or counselor actually sees the pornographic material and it appears that a very young girl is engaged in sexual intercourse with an older man? Must the practitioner report child abuse because the photo itself provides evidence that the unknown young girl in the photo has been the victim of sexual abuse (and the abuser is the unknown older man)? The child abuse reporting law in California requires a report whenever the mandated reporter, in his or her professional capacity or within the scope of his or her employment, has knowledge of or observes a child whom the mandated reporter knows or reasonably suspects has been the victim of child abuse. In this case, the therapist did learn of the apparent sexual abuse of the child in the photo in his or her professional capacity. Did this practitioner “observe a child” being abused by merely looking at the photo? Would the therapist be better served by not reporting this to anyone, but rather, respecting the patient’s confidentiality?

My view is that the practitioner would be acting appropriately by respecting the patient’s right to confidentiality and by not making a child abuse report as a result of the knowledge that the patient possesses or was in possession of material that constitutes or appears to constitute child pornography. The fact that the therapist may have seen the picture does not change my view that this information is confidential. Mere viewing of the photo should not, and in my view would not, transform this situation from a non-reportable one (where confidentiality is protected) to one requiring a child abuse report (where confidentiality is compromised) on the basis of the content depicted in the photo. The therapist must be careful in making his or her assessment of the patient and the entire situation because, if it is later revealed that the patient has been abusing one or more children, the fact that the therapist knew of the patient’s possession of child pornography could be used in litigation as some evidence that the therapist was negligent in assessing the patient and was criminally responsible for his or her failure to report child abuse.  

The legal and ethical duty of confidentiality is the cornerstone of therapy, and licenses can be revoked for violations of patient confidentiality. If there is to be a mandatory exception to confidentiality, as there is when a child abuse report must be made, the exception must clearly be stated in the law. Clarity is necessary because the failure to make a required child abuse report by a mandated reporter is a crime, and crimes must be clearly articulated (not vague and ambiguous) in the law before someone can be lawfully prosecuted and convicted of a particular crime. I see no statement in California law to the effect that possession of child pornography, or the incidental viewing of it by a therapist, would require the filing of a child abuse report. I would argue that the spirit and intent of the reporting law, as well as its specific language, does not require a report solely because of the viewing of the pornographic matter by the therapist, or because of knowledge that a patient possessed child pornography.

… A reader asked me to comment on a question that she had regarding one aspect of the article I wrote in last month’s Avoiding Liability Bulletin (May 2011) entitled “Confidentiality – Possession of Child Pornography.” The reader explained that she expected me to say (in the article) that in a case where abuse was clearly shown in a photograph depicting child pornography, that the abuse couldn’t be reported because both people in the photograph (an older man and young child – neither having any relationship with the patient in possession of the photo) were unknown. While that position may have merit in some states, I am reluctant to endorse it too quickly or too vigorously. Some state child abuse reporting laws contain provisions which clarify that the reporter need not know all of the information that is required to be reported, but that a report is nevertheless required when child abuse is known or reasonably suspected and the mandated reporter learned about it in his or her professional capacity or within the scope of his or her employment. Depending upon the particular wording of state law, a position or argument along the lines that the reader suggests might be appropriate – especially when in the example used, no information is known about the identity or location of the child or adult in the photo, the place of production, or the location of anyone associated with the distribution of the photo.

… Your client tells you that he has just tested positively for HIV/AIDS. Is this information entitled to the confidentiality that other patient communications enjoy? The answer to this and related questions necessarily depends upon state law, professional ethics, and the facts and circumstances of each particular situation encountered. At one end of the spectrum of circumstances possible is the situation where the patient has simply communicated to the therapist or counselor the results of the testing – that is, the existence of a medical condition or disease. At the other end of the spectrum is the case where the patient finds out the results of the test and proclaims that he is intent upon infecting as many people as possible and that he wants to take as many down with him as possible. In the middle, there are a myriad of possible circumstances.

The laws that impact upon the question are those dealing with confidentiality and the exceptions to confidentiality, the particulars of the “dangerous patient law” in the state, and the laws specifically pertaining to HIV/AIDS – that is, the duty or right, if either exists, of the health practitioner to inform sexual partners of the patient’s condition or to otherwise break confidentiality in order to protect one’s health or safety. By use of the term “dangerous patient law,” I am referring to both statutory provisions and to case law. In California, for example, there are statutes that deal with the dangerous patient and allow for disclosure (breaking confidentiality to some degree) under specified circumstances, and there is case law (e.g., the famed Tarasoff v. Regents University of California decision of the California Supreme Court in 1976) that created a therapist’s duty to use reasonable care to protect the intended victim against a patient’s threatened violence. The exercise of that duty will often result in some degree of breaking confidentiality.

While the answer to the question posed above necessarily depends upon the facts and circumstances involved, the general duty to protect confidentiality, and the instinct that the practitioner should generally have to protect the patient’s privacy, will usually protect the information from disclosure by the mental health practitioner. In California, there is a statute that specifically relates to HIV/AIDS and privacy. Without getting too deeply into its many provisions, the statute allows a physician and surgeon who has the results of a confirmed positive test to detect HIV infection to disclose to a spouse or sexual partner certain limited information. The physician may do so only after discussing with the patient a host of matters, including methods of avoiding risks to others, and only after the physician has attempted to obtain the patient’s voluntary consent for notification of his or her contacts. This right to make permissive and limited disclosures is granted only to the physician and surgeon.

It has long been my view that the Tarasoff case, and the duty created by the Court (not a “duty to warn” as is commonly believed), is inapplicable to the situation where the therapist knows of the positive results of a test and knows, for example, that the patient is continuing with his or her sexual relationships, perhaps without the intent to notify a sexual partner or take other precautions. I believe such situations to be inapplicable because the Tarasoff decision deals with situations where the patient communicates to the therapist a serious threat of physical violence against another, or situations where the therapist determines that the patient poses a serious danger of violence to another. Consensual sexual contact between adults, despite the risks thereof, does not, in my view, constitute physical violence.

There are statutes in California that deal with confidentiality and establish the general requirement of obtaining a signed authorization from the patient before releasing confidential information to third parties. These statutes contain provisions that specify the mandatory and permissive exceptions to confidentiality, and they allow disclosures without obtaining the signed authorization of the client. The most relevant (to the question posed above) permissive disclosure allows a psychotherapist to disclose information, consistent with applicable law and standards of ethical conduct, if the psychotherapist, in good faith, believes the disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a reasonably foreseeable victim, and the disclosure is made to a person reasonably able to prevent or lessen the threat, including the target of the threat.

Whether or not this statute would allow a therapist, under certain circumstances, to reveal the fact of the patient’s condition (HIV/AIDS) to the spouse or sexual partner of the patient has not been tested. I have long held a bias in favor of confidentiality, and have often stated that I would rather defend someone who maintained confidentiality, rather than defend someone who broke confidentiality and thereby revealed the patient’s medical condition. If there were a case at the dangerous end of the spectrum mentioned above, it might be arguable that the patient was posing a threat of “violence” (a liberal interpretation) against a third party and that there was a duty to protect the intended victim. It might also be argued that the patient, because of the expressed intent to infect and harm others, constituted a serious and imminent threat to the health or safety of another and that disclosure was necessary and appropriate under the circumstances.

What is the applicable law in your state, and do applicable ethical standards shed any light on this issue?